Get Ready for the White House’s Big Push on Cybersecurity
2021 has been a firestorm on the cybersecurity front, and the White House is making moves in response. We’ve had dangerous cyber attacks of all stripes, but some garnered exceptionally large headlines. The most recent news this week concerns China, identified as being behind a newly discovered series of hacks against key targets in the U.S. government, private companies and the country’s critical infrastructure, carried out through a hack on Pulse Secure, a program that many businesses use to keep remote workers connected to their offices. In March it was the Microsoft Exchange Server zero-day attacks, which Microsoft traced back to Hafnium, a state-sponsored advanced persistent threat (APT) group from China. Before that, another foreign power took a shot with the Russian state-orchestrated SolarWinds attack, which saw the US government directly point fingers at Russia for hacking nine government agencies.
While those may be the big hacks that swallowed a good share of our 24/7 news cycle, there were also a few other alarming attacks against industrial control systems this year. In February, someone remotely accessed a computer for the Florida city of Oldsmar’s water treatment system and briefly increased the amount of sodium hydroxide, also known as lye, by a factor of more than 100. The attacker(s) didn’t need sophisticated state-sponsored skills and goodies; they simply exploited weak passwords.
Just this month, federal prosecutors indicted a Kansas man for allegedly logging into a computer system at a public water system and tampering with the process for cleaning and disinfecting customers’ drinking water. Again, no state-sponsored high-end hacking power, just a simple insider threat: the 22-year-old suspect was employed by the Post Rock Water District for a year, with duties that included remotely logging in to the water district’s computer system to monitor the plant after hours.
Well, the White House is certainly taking notice and is launching a big cybersecurity push targeting the electricity sector first.
On April 20, 2021, the White House announced the first pilot program, a 100-day plan to improve the cybersecurity of the nation's electricity infrastructure as part of a broader initiative focused on industrial control systems. Emily Horne, a spokeswoman for the National Security Council, issued a statement that said, “The 100-day plan includes aggressive but achievable milestones and will assist owners and operators as they modernize cybersecurity defenses, including enhancing detection, mitigation and forensic capabilities.” The pilot program is being managed by the Department of Energy and the Cybersecurity and Infrastructure Security Agency.
According to Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, there will also initially be "60-day sprints" organized by CISA, which are meant to complement the White House's efforts. The first “sprint” will begin this summer, focused on industrial control systems and the risks posed by the use of computer-operated physical systems to deliver infrastructure including water, electricity and natural gas. The 100-day plan is also meant to be a national call to action for control system cybersecurity, with CISA looking to engage with private companies managing infrastructure for the chemical sector, dams, energy, transportation and water and wastewater.
If You’re Talking About Industrial Controls, SCADA Tops the List
SCADA (Supervisory Control and Data Acquisition) systems at critical infrastructure targets have always been tantalizing for hackers, from state-sponsored saboteurs from other nations looking for a cyber-warfare advantage, to hacktivists trying to make a political or ideological statement, or even a lone wolf hacker just looking for some notoriety in underground hacker circles. By compromising a system or network of an infrastructure organization, they can accomplish their goals. We’ve seen them all play out this year already. That’s why it is essential today to find out how an infrastructure entity’s cybersecurity posture stacks up.
To find out, there are some simple questions that need to be answered, and the only right answer to all of them would be YES!
Have regular vulnerability assessments been performed by experienced cyber security professionals?
Has regular penetration testing been done to identify weaknesses in your security chain so they can be rectified?
Have applications been tested for unwanted malware and/or other vulnerabilities?
Have deep scans been regularly performed to identify and neutralize any resident malware like rootkits and RATs?
Do you have detailed documentation from trusted professionals to back up those claims?
GDF Can Help
GDF’s experts can help clients not only test and secure their own networks, systems and devices, but can also significantly raise awareness as to potential problems they may be facing from those trusted outside entities they are involved with, and we can help review any cyber security documentation, policies and procedures they have to spot dangers and deficiencies before it’s too late.
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cybersecurity and emergency incident response, with years of experience assisting clients in the government, banking, legal, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to call 1-800-868-8189 for immediate help. For more information, visit GDF's cybersecurity page.